1: <?php
2:
3: 4: 5: 6: 7: 8: 9: 10:
11:
12: namespace Nette\Security;
13:
14: use Nette;
15:
16:
17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29:
30: class User extends Nette\Object
31: {
32:
33: const MANUAL = IUserStorage::MANUAL,
34: INACTIVITY = IUserStorage::INACTIVITY,
35: BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
36:
37:
38: public $guestRole = 'guest';
39:
40:
41: public $authenticatedRole = 'authenticated';
42:
43:
44: public $onLoggedIn;
45:
46:
47: public $onLoggedOut;
48:
49:
50: private $storage;
51:
52:
53: private $authenticator;
54:
55:
56: private $authorizator;
57:
58:
59: private $context;
60:
61:
62: public function __construct(IUserStorage $storage, Nette\DI\Container $context)
63: {
64: $this->storage = $storage;
65: $this->context = $context;
66: }
67:
68:
69: 70: 71:
72: final public function getStorage()
73: {
74: return $this->storage;
75: }
76:
77:
78:
79:
80:
81: 82: 83: 84: 85: 86: 87:
88: public function login($id = NULL, $password = NULL)
89: {
90: $this->logout(TRUE);
91: if (!$id instanceof IIdentity) {
92: $id = $this->getAuthenticator()->authenticate(func_get_args());
93: }
94: $this->storage->setIdentity($id);
95: $this->storage->setAuthenticated(TRUE);
96: $this->onLoggedIn($this);
97: }
98:
99:
100: 101: 102: 103: 104:
105: final public function logout($clearIdentity = FALSE)
106: {
107: if ($this->isLoggedIn()) {
108: $this->onLoggedOut($this);
109: $this->storage->setAuthenticated(FALSE);
110: }
111: if ($clearIdentity) {
112: $this->storage->setIdentity(NULL);
113: }
114: }
115:
116:
117: 118: 119: 120:
121: final public function isLoggedIn()
122: {
123: return $this->storage->isAuthenticated();
124: }
125:
126:
127: 128: 129: 130:
131: final public function getIdentity()
132: {
133: return $this->storage->getIdentity();
134: }
135:
136:
137: 138: 139: 140:
141: public function getId()
142: {
143: $identity = $this->getIdentity();
144: return $identity ? $identity->getId() : NULL;
145: }
146:
147:
148: 149: 150: 151:
152: public function setAuthenticator(IAuthenticator $handler)
153: {
154: $this->authenticator = $handler;
155: return $this;
156: }
157:
158:
159: 160: 161: 162:
163: final public function getAuthenticator()
164: {
165: return $this->authenticator ?: $this->context->getByType('Nette\Security\IAuthenticator');
166: }
167:
168:
169: 170: 171: 172: 173: 174: 175:
176: public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
177: {
178: $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
179: $this->storage->setExpiration($time, $flags);
180: return $this;
181: }
182:
183:
184: 185: 186: 187:
188: final public function getLogoutReason()
189: {
190: return $this->storage->getLogoutReason();
191: }
192:
193:
194:
195:
196:
197: 198: 199: 200:
201: public function getRoles()
202: {
203: if (!$this->isLoggedIn()) {
204: return array($this->guestRole);
205: }
206:
207: $identity = $this->getIdentity();
208: return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
209: }
210:
211:
212: 213: 214: 215: 216:
217: final public function isInRole($role)
218: {
219: return in_array($role, $this->getRoles(), TRUE);
220: }
221:
222:
223: 224: 225: 226: 227: 228: 229:
230: public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
231: {
232: $authorizator = $this->getAuthorizator();
233: foreach ($this->getRoles() as $role) {
234: if ($authorizator->isAllowed($role, $resource, $privilege)) {
235: return TRUE;
236: }
237: }
238:
239: return FALSE;
240: }
241:
242:
243: 244: 245: 246:
247: public function setAuthorizator(IAuthorizator $handler)
248: {
249: $this->authorizator = $handler;
250: return $this;
251: }
252:
253:
254: 255: 256: 257:
258: final public function getAuthorizator()
259: {
260: return $this->authorizator ?: $this->context->getByType('Nette\Security\IAuthorizator');
261: }
262:
263:
264:
265:
266:
267: function setNamespace($namespace)
268: {
269: trigger_error(__METHOD__ . '() is deprecated; use getStorage()->setNamespace() instead.', E_USER_WARNING);
270: $this->storage->setNamespace($namespace);
271: return $this;
272: }
273:
274:
275: function getNamespace()
276: {
277: trigger_error(__METHOD__ . '() is deprecated; use getStorage()->getNamespace() instead.', E_USER_WARNING);
278: return $this->storage->getNamespace();
279: }
280:
281:
282: function setAuthenticationHandler($v)
283: {
284: trigger_error(__METHOD__ . '() is deprecated; use setAuthenticator() instead.', E_USER_WARNING);
285: return $this->setAuthenticator($v);
286: }
287:
288:
289: function setAuthorizationHandler($v)
290: {
291: trigger_error(__METHOD__ . '() is deprecated; use setAuthorizator() instead.', E_USER_WARNING);
292: return $this->setAuthorizator($v);
293: }
294:
295: }
296: